Sabre Corporation
Company Details
Linkedin ID:
sabre-corporation
Website:
Employees number:
9,090
Number of followers:
315,343
NAICS:
513
Industry Type:
Homepage:
sabre.com
IP Addresses:
0
Company ID:
SAB_1769645
Scan Status:
In-progress
Sabre Corporation Company CyberSecurity Posture
sabre.com
We are a technology company that powers the global travel industry. By leveraging next-generation technology, we create global technology solutions that take on the biggest opportunities and solve the most complex challenges in travel. Every day, millions of consumers and employees interact with our technology worldwide. We power mobile apps, airport check-in kiosks, online travel sites, airline and hotel reservation networks, travel agent terminals, and scores of other solutions. Positioned at the center of travel, we shape the future by offering innovative advancements that pave the way for a more connected and seamless ecosystem – empowering both clients and travelers with greater control and convenience. Want to learn more? Visit www.sabre.com
Sabre Corporation A.I CyberSecurity Scoring
Sabre Corporation Risk Score (AI oriented)Between 650 and 699
Sabre Corporation
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Sabre Corporation Global Score (TPRM)XXXX
Sabre Corporation
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Sabre Corporation Company CyberSecurity News & History
Past Incidents
4
Attack Types
2
Sabre GLBL Inc.
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: The California Office of the Attorney General reported a data breach involving Sabre GLBL Inc. on December 9, 2024. The breach occurred on September 6, 2023, and involved personal information of employees, including Social Security numbers and employment-related information. Approximately UNKN individuals were affected, and Sabre has implemented response actions including offering free credit monitoring services.
Sabre GLBL Inc.
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: The Vermont Office of the Attorney General reported a data breach involving Sabre GLBL Inc. on December 9, 2024. The breach, which occurred on September 6, 2023, involved unauthorized access to employee personal information, including names, Social Security numbers, and other sensitive information, potentially posted on the dark web.
Sabre Corporation
Breach
Rankiteo Explanation
Attack threatening the organization’s existence
Description: A global travel technology company suffered a breach that affected at least some of the many bookings passed through its reservations system. An unauthorized party gained the access to the bookings that passed through its SynXis Central Reservations system. The compromised information includes customers’ personally identifiable information (PII), payment card information (PCI), and other details. Sabre launched the investigation and started notifying the affected customers.
Sabre Corporation
Data Leak
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: The largest travel booking company in the world, Sabre, declared that it was investigating claims of a cyberattack after a group of files purportedly seized from the business appeared on a leak site run by an extortion ring. The claims of data exfiltration made by the threat group are known to Sabre, and it is investigating them to determine whether they are accurate. The Dunghill Leak outfit admitted to carrying out the purported cyberattack in a blog on their leak website on the dark web. stating that 1.3 terabytes of data were required, including databases on ticket sales, passenger volume, employee personal information, and business financial information.
Sabre Corporation Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Sabre Corporation
Incidents vs Technology, Information and Internet Industry Average (This Year)
No incidents recorded for Sabre Corporation in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Sabre Corporation in 2025.
Incident Types Sabre Corporation vs Technology, Information and Internet Industry Avg (This Year)
No incidents recorded for Sabre Corporation in 2025.
Incident History — Sabre Corporation (X = Date, Y = Severity)
Sabre Corporation cyber incidents detection timeline including parent company and subsidiaries
Sabre Corporation Company Subsidiaries
We are a technology company that powers the global travel industry. By leveraging next-generation technology, we create global technology solutions that take on the biggest opportunities and solve the most complex challenges in travel. Every day, millions of consumers and employees interact with our technology worldwide. We power mobile apps, airport check-in kiosks, online travel sites, airline and hotel reservation networks, travel agent terminals, and scores of other solutions. Positioned at the center of travel, we shape the future by offering innovative advancements that pave the way for a more connected and seamless ecosystem – empowering both clients and travelers with greater control and convenience. Want to learn more? Visit www.sabre.com
Loading...
Sabre Corporation Similar Companies
Times Internet
At Times Internet, we create premium digital products that simplify and enhance the lives of millions. As India’s largest digital products company, we have a significant presence across a wide range of categories, including News, Sports, Fintech, and Enterprise solutions. Our portfolio features mar
OYO is a global platform that aims to empower entrepreneurs and small businesses with hotels and homes by providing full-stack technology products and services that aims to increase revenue and ease operations; bringing easy-to-book, affordable, and trusted accommodation to customers around the worl
Swiggy is India’s pioneering on-demand convenience platform, catering to millions of consumers each month. Founded in 2014, its mission is to elevate the quality of life for the urban consumer by offering unparalleled convenience. With an extensive footprint in food delivery, Swiggy Food collaborate
NetEase
As a leading internet technology company based in China, NetEase, Inc. (NASDAQ: NTES and HKEX:9999, "NetEase") provides premium online services centered around content creation. With extensive offerings across its expanding gaming ecosystem, NetEase develops and operates some of China's most popula
Independiente / Freelance
La etimología de la palabra deriva del término medieval inglés usado para un mercenario (free-independiente o lance-lanza), es decir, un caballero que no servía a ningún señor en concreto y cuyos servicios podían ser alquilados por cualquiera. El término fue acuñado inicialmente por Sir Walter Scot
Jumia (NYSE :JMIA) is a leading e-commerce platform in Africa. It is built around a marketplace, Jumia Logistics, and JumiaPay. The marketplace helps millions of consumers and sellers to connect and transact. Jumia Logistics enables the delivery of millions of packages through our network of local p
SLB
We are a technology company that unlocks access to energy for the benefit of all. As innovators, that’s been our mission for nearly a century. Today, we face a global imperative to create a future with more energy, but less carbon. Our diverse, innovative change makers are focused on going further i
Mercado Livre Brasil
Fundada em 1999, MercadoLivre é uma companhia de tecnologia líder em comércio eletrônico na América Latina. Por meio de suas principais plataformas MercadoLivre.com e MercadoPago.com, oferece soluções de comércio eletrônico para que pessoas e empresas possam comprar, vender, pagar e anunciar produto
Peraton
Do the can't be done. At Peraton, we're at the forefront of delivering the next big thing every day. We're the partner of choice to help solve some of the world's most daunting challenges, delivering bold, new solutions to keep people around the world safer and more secure. How do we do it? By thi
.png)
Sabre Corporation CyberSecurity News
October 30, 2025 07:00 AM
Aviation Software Market Worth USD 18 Bn by 2030 as AI Adoption for Fuel Efficiency, Predictive Maintenance & Cybersecurity Compliance Rise, says Mordor Intelligence
PRNewswire/ -- According to Mordor Intelligence, the aviation software market is projected to grow from USD 13.13 billion in 2025 to USD...
October 28, 2025 07:00 AM
Financial Survey: Sabre (NASDAQ:SABR) and Tyler Technologies (NYSE:TYL)
Read Financial Survey: Sabre (NASDAQ:SABR) and Tyler Technologies (NYSE:TYL) at Defense World.
October 22, 2025 07:00 AM
The Best Tech Stocks to Buy
Technology stocks offer investors the promise of growth in ways few other sectors can. After all, tech is synonymous with innovation,...
October 18, 2025 07:00 AM
The $151 bn EMEA Cybersecurity Opportunity: Vendor Actions, Client Incidents, and What Leaders Must Do Next
The EMEA cybersecurity market is at an inflection point. Omdia forecasts show the region becoming a $151 billion cybersecurity market by...
October 06, 2025 07:00 AM
Sabre Systems hires Quigley as CEO
The CM Equity Partners-owned company enters a new phase of its strategy to grow software engineering, cyber and other technology services...
August 03, 2025 09:51 PM
2025 SABRE Asia-Pacific Finalists
Finalists for the 2025 Asia-Pacific SABRE Awards, taking place in Singapore on 9 September.
August 01, 2025 06:33 AM
Sabre secures every leg of the journey with a platform approach from Palo Alto Networks
Learn how Sabre Corporation, a global travel technology leader, partnered with Palo Alto Networks to achieve a 95% reduction in security incidents and a 90%...
July 30, 2025 07:00 AM
UPD. Aeroflot resumed operations a few days after the largest cyberattack on the company's IT infrastructure
Hacker groups Silent Crow and Cyber Partisans BY announced a large-scale operation in which they completely destroyed the internal IT...
July 14, 2025 07:00 AM
EXERCISE TALISMAN SABRE 2025 OPENS - APDR
Australia's largest bilateral military exercise, Exercise Talisman Sabre 2025, officially commenced today with an opening ceremony held on board HMAS Adelaide.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Sabre Corporation CyberSecurity History Information
Official Website of Sabre Corporation
The official website of Sabre Corporation is https://www.sabre.com/about/.
Sabre Corporation’s AI-Generated Cybersecurity Score
According to Rankiteo, Sabre Corporation’s AI-generated cybersecurity score is 691, reflecting their Weak security posture.
How many security badges does Sabre Corporation’ have ?
According to Rankiteo, Sabre Corporation currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Sabre Corporation have SOC 2 Type 1 certification ?
According to Rankiteo, Sabre Corporation is not certified under SOC 2 Type 1.
Does Sabre Corporation have SOC 2 Type 2 certification ?
According to Rankiteo, Sabre Corporation does not hold a SOC 2 Type 2 certification.
Does Sabre Corporation comply with GDPR ?
According to Rankiteo, Sabre Corporation is not listed as GDPR compliant.
Does Sabre Corporation have PCI DSS certification ?
According to Rankiteo, Sabre Corporation does not currently maintain PCI DSS compliance.
Does Sabre Corporation comply with HIPAA ?
According to Rankiteo, Sabre Corporation is not compliant with HIPAA regulations.
Does Sabre Corporation have ISO 27001 certification ?
According to Rankiteo,Sabre Corporation is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Sabre Corporation
Sabre Corporation operates primarily in the Technology, Information and Internet industry.
Number of Employees at Sabre Corporation
Sabre Corporation employs approximately 9,090 people worldwide.
Subsidiaries Owned by Sabre Corporation
Sabre Corporation presently has no subsidiaries across any sectors.
Sabre Corporation’s LinkedIn Followers
Sabre Corporation’s official LinkedIn profile has approximately 315,343 followers.
NAICS Classification of Sabre Corporation
Sabre Corporation is classified under the NAICS code 513, which corresponds to Others.
Sabre Corporation’s Presence on Crunchbase
No, Sabre Corporation does not have a profile on Crunchbase.
Sabre Corporation’s Presence on LinkedIn
Yes, Sabre Corporation maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/sabre-corporation.
Cybersecurity Incidents Involving Sabre Corporation
As of November 28, 2025, Rankiteo reports that Sabre Corporation has experienced 4 cybersecurity incidents.
Number of Peer and Competitor Companies
Sabre Corporation has an estimated 12,566 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Sabre Corporation ?
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak and Breach.
How does Sabre Corporation detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with notifying affected customers, and remediation measures with offering free credit monitoring services..
Incident Details
Can you provide details on each incident ?
Title: Data Breach at Global Travel Technology Company
Description: A global travel technology company suffered a breach that affected at least some of the many bookings passed through its reservations system. An unauthorized party gained access to the bookings that passed through its SynXis Central Reservations system. The compromised information includes customers’ personally identifiable information (PII), payment card information (PCI), and other details. Sabre launched the investigation and started notifying the affected customers.
Type: Data Breach
Attack Vector: Unauthorized Access
Threat Actor: Unauthorized Party
Title: Sabre Cyberattack and Data Exfiltration
Description: Sabre, the largest travel booking company in the world, declared that it was investigating claims of a cyberattack after a group of files purportedly seized from the business appeared on a leak site run by an extortion ring.
Type: Data Exfiltration
Threat Actor: Dunghill Leak
Motivation: Extortion
Title: Data Breach at Sabre GLBL Inc.
Description: The Vermont Office of the Attorney General reported a data breach involving Sabre GLBL Inc. on December 9, 2024. The breach, which occurred on September 6, 2023, involved unauthorized access to employee personal information, including names, Social Security numbers, and other sensitive information, potentially posted on the dark web.
Date Detected: 2023-09-06
Date Publicly Disclosed: 2024-12-09
Type: Data Breach
Attack Vector: Unauthorized Access
Title: Data Breach at Sabre GLBL Inc.
Description: The California Office of the Attorney General reported a data breach involving Sabre GLBL Inc. on December 9, 2024. The breach occurred on September 6, 2023, and involved personal information of employees, including Social Security numbers and employment-related information. Approximately UNKN individuals were affected, and Sabre has implemented response actions including offering free credit monitoring services.
Date Detected: 2023-09-06
Date Publicly Disclosed: 2024-12-09
Type: Data Breach
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach SAB103730922
Data Compromised: Pii, Pci, Other details
Systems Affected: SynXis Central Reservations System
Incident : Data Exfiltration SAB93611923
Data Compromised: 1.3 terabytes of data including databases on ticket sales, passenger volume, employee personal information, and business financial information
Incident : Data Breach SAB1033072725
Data Compromised: Names, Social security numbers, Other sensitive information
Incident : Data Breach SAB126072825
Data Compromised: Social security numbers, Employment-related information
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Pii, Pci, Other Details, , Ticket Sales, Passenger Volume, Employee Personal Information, Business Financial Information, , Names, Social Security Numbers, Other Sensitive Information, , Social Security Numbers, Employment-Related Information and .
Which entities were affected by each incident ?
Incident : Data Breach SAB103730922
Entity Name: Sabre
Entity Type: Travel Technology Company
Industry: Travel and Hospitality
Incident : Data Exfiltration SAB93611923
Entity Name: Sabre
Entity Type: Company
Industry: Travel Booking
Size: Large
Incident : Data Breach SAB126072825
Entity Name: Sabre GLBL Inc.
Entity Type: Company
Customers Affected: UNKN
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach SAB103730922
Communication Strategy: Notifying Affected Customers
Incident : Data Breach SAB126072825
Remediation Measures: Offering free credit monitoring services
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach SAB103730922
Type of Data Compromised: Pii, Pci, Other details
Personally Identifiable Information: Yes
Incident : Data Exfiltration SAB93611923
Type of Data Compromised: Ticket sales, Passenger volume, Employee personal information, Business financial information
Sensitivity of Data: High
Data Exfiltration: 1.3 terabytes
Personally Identifiable Information: Yes
Incident : Data Breach SAB1033072725
Type of Data Compromised: Names, Social security numbers, Other sensitive information
Sensitivity of Data: High
Data Exfiltration: Potentially posted on the dark web
Incident : Data Breach SAB126072825
Type of Data Compromised: Social security numbers, Employment-related information
Number of Records Exposed: UNKN
Sensitivity of Data: High
Personally Identifiable Information: Social Security numbers
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Offering free credit monitoring services, .
References
Where can I find more information about each incident ?
Incident : Data Exfiltration SAB93611923
Source: Sabre
Incident : Data Breach SAB1033072725
Source: Vermont Office of the Attorney General
Date Accessed: 2024-12-09
Incident : Data Breach SAB126072825
Source: California Office of the Attorney General
Date Accessed: 2024-12-09
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Sabre, and Source: Vermont Office of the Attorney GeneralDate Accessed: 2024-12-09, and Source: California Office of the Attorney GeneralDate Accessed: 2024-12-09.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach SAB103730922
Investigation Status: Ongoing
Incident : Data Exfiltration SAB93611923
Investigation Status: Ongoing
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Notifying Affected Customers.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach SAB103730922
Customer Advisories: Notifying Affected Customers
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: was Notifying Affected Customers.
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an Unauthorized Party and Dunghill Leak.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2023-09-06.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2024-12-09.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were PII, PCI, Other Details, , 1.3 terabytes of data including databases on ticket sales, passenger volume, employee personal information, and business financial information, names, Social Security numbers, other sensitive information, , Social Security numbers, employment-related information and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was SynXis Central Reservations System.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were PCI, employment-related information, 1.3 terabytes of data including databases on ticket sales, passenger volume, employee personal information, and business financial information, other sensitive information, PII, Other Details, names and Social Security numbers.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 0.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are California Office of the Attorney General, Sabre and Vermont Office of the Attorney General.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
Stakeholder and Customer Advisories
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued was an Notifying Affected Customers.
.png)
Latest Global CVEs (Not Company-Specific)
Description
ThingsBoard in versions prior to v4.2.1 allows an authenticated user to upload malicious SVG images via the "Image Gallery", leading to a Stored Cross-Site Scripting (XSS) vulnerability. The exploit can be triggered when any user accesses the public API endpoint of the malicious SVG images, or if the malicious images are embedded in an `iframe` element, during a widget creation, deployed to any page of the platform (e.g., dashboards), and accessed during normal operations. The vulnerability resides in the `ImageController`, which fails to restrict the execution of JavaScript code when an image is loaded by the user's browser. This vulnerability can lead to the execution of malicious code in the context of other users' sessions, potentially compromising their accounts and allowing unauthorized actions.
Risk Information
cvss4
Base: 6.2
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to to verify that the token used during the code exchange originates from the same authentication flow, which allows an authenticated user to perform account takeover via a specially crafted email address used when switching authentication methods and sending a request to the /users/login/sso/code-exchange endpoint. The vulnerability requires ExperimentalEnableAuthenticationTransfer to be enabled (default: enabled) and RequireEmailVerification to be disabled (default: disabled).
Risk Information
cvss3
Base: 9.9
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
References
Description
Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to sanitize team email addresses to be visible only to Team Admins, which allows any authenticated user to view team email addresses via the GET /api/v4/channels/{channel_id}/common_teams endpoint
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
References
Description
Exposure of email service credentials to users without administrative rights in Devolutions Server.This issue affects Devolutions Server: before 2025.2.21, before 2025.3.9.
Description
Exposure of credentials in unintended requests in Devolutions Server.This issue affects Server: through 2025.2.20, through 2025.3.8.
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=sabre-corporation' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
